GIAC Certified Windows Security Administrator (GCWN) Expert-Led Video Course
Visit this web URL:
https://masterytrail.com/product/legitimized-giac-certified-windows-security-administrator-gcwn-expert-led-video-course-masterytrail
Lesson 1: Introduction to Windows Security
1.1 Overview of Windows Security
1.2 Windows Security Architecture
1.3 Key Terminology
1.4 Evolution of Windows Security
1.5 Security Goals and Principles
1.6 Common Attack Vectors
1.7 Security Features in Windows
1.8 Windows Security Products
1.9 Security Compliance Standards
1.10 Security Roles and Responsibilities
Lesson 2: Windows Authentication Mechanisms
2.1 Authentication Concepts
2.2 Local vs Domain Authentication
2.3 NTLM Authentication
2.4 Kerberos Protocol
2.5 Credential Storage
2.6 Smart Card Authentication
2.7 Multi-factor Authentication
2.8 Credential Guard
2.9 Cached Credentials
2.10 Authentication Troubleshooting
Lesson 3: Active Directory Security
3.1 Introduction to Active Directory
3.2 Domain Controllers
3.3 Active Directory Objects
3.4 AD Security Best Practices
3.5 Privileged Accounts
3.6 Group Policy Security
3.7 Delegation of Control
3.8 Forest and Domain Trusts
3.9 Auditing AD Changes
3.10 Securing AD Replication
Lesson 4: Windows Authorization and Access Control
4.1 Authorization Concepts
4.2 Access Control Models
4.3 Discretionary Access Control (DAC)
4.4 System Access Control Lists (SACLs)
4.5 Effective Permissions
4.6 User Rights Assignment
4.7 Permission Inheritance
4.8 Managing File System Permissions
4.9 Auditing Access Control
4.10 Troubleshooting Access Issues
Lesson 5: Group Policy Security
5.1 Introduction to Group Policy
5.2 Group Policy Objects (GPOs)
5.3 GPO Processing Order
5.4 Security Templates
5.5 User Rights Assignment via GPO
5.6 Software Restriction Policies
5.7 AppLocker Policies
5.8 Auditing via Group Policy
5.9 GPO Security Filtering
5.10 Best Practices for GPOs
Lesson 6: Windows Firewall and Network Security
6.1 Windows Firewall Overview
6.2 Firewall Profiles
6.3 Inbound and Outbound Rules
6.4 Configuring Firewall via GPO
6.5 Advanced Firewall Settings
6.6 Monitoring Firewall Activity
6.7 Troubleshooting Firewall Issues
6.8 Network Isolation
6.9 IPSec Integration
6.10 Network Security Best Practices
Lesson 7: Patch Management and Updates
7.1 Patch Management Overview
7.2 Windows Update Service
7.3 WSUS Configuration
7.4 Update Deployment Options
7.5 Patch Testing Procedures
7.6 Patch Compliance Reporting
7.7 Rollback Procedures
7.8 Automating Patch Management
7.9 Third-party Patch Management
7.10 Patch Management Best Practices
Lesson 8: Securing Windows Services
8.1 Windows Services Overview
8.2 Service Account Types
8.3 Restricting Service Permissions
8.4 Hardening Critical Services
8.5 Managing Service Dependencies
8.6 Service Auditing
8.7 Disabling Unnecessary Services
8.8 Service Recovery Options
8.9 Monitoring Service Activity
8.10 Securing Network Services
Lesson 9: Hardening Windows Operating Systems
9.1 Hardening Principles
9.2 Default Settings Analysis
9.3 Disabling Unnecessary Features
9.4 Security Baselines
9.5 Local Security Policies
9.6 Registry Hardening
9.7 User Account Control (UAC)
9.8 Secure System Configuration
9.9 Hardening Remote Access
9.10 Verifying Hardening Measures
Lesson 10: Windows Event Logging and Monitoring
10.1 Windows Event Log Architecture
10.2 Types of Event Logs
10.3 Configuring Event Log Settings
10.4 Event Log Forwarding
10.5 Event Log Analysis
10.6 Monitoring Security Events
10.7 Custom Event Views
10.8 Log Retention Policies
10.9 Integrating with SIEM
10.10 Event Log Best Practices
Lesson 11: Windows Defender and Malware Protection
11.1 Introduction to Windows Defender
11.2 Real-time Protection
11.3 Defender Configuration
11.4 Scheduled Scans
11.5 Quarantine and Remediation
11.6 Threat Intelligence Integration
11.7 Defender ATP
11.8 Malware Analysis Tools
11.9 Responding to Malware Alerts
11.10 Best Practices for Anti-malware
Lesson 12: Securing Remote Desktop Services
12.1 RDP Security Overview
12.2 Network Level Authentication
12.3 RDP Encryption Settings
12.4 Restricting RDP Access
12.5 Remote Desktop Gateway
12.6 RDP Logging and Auditing
12.7 Two-factor Authentication for RDP
12.8 RDP Session Timeouts
12.9 RDP Vulnerability Mitigation
12.10 Best Practices for Remote Access
Lesson 13: Windows Credential Management
13.1 Credential Storage Locations
13.2 SAM and LSASS
13.3 Credential Manager
13.4 Managing Cached Credentials
13.5 Protecting Passwords
13.6 Credential Theft Techniques
13.7 Mitigating Credential Theft
13.8 Credential Guard Deployment
13.9 Secure Password Policies
13.10 Credential Cleanup Procedures
Lesson 14: BitLocker and Disk Encryption
14.1 Introduction to BitLocker
14.2 Encryption Algorithms
14.3 TPM Integration
14.4 BitLocker Configuration
14.5 Managing BitLocker Keys
14.6 Network Unlock
14.7 BitLocker Recovery
14.8 Monitoring BitLocker Status
14.9 BitLocker to Go
14.10 Best Practices for Encryption
Lesson 15: User Account Security
15.1 Types of Windows Accounts
15.2 Account Provisioning
15.3 Secure Account Policies
15.4 Account Lockout Policies
15.5 Privileged Account Management
15.6 Managing Local Accounts
15.7 Disabling Inactive Accounts
15.8 Auditing Account Activity
15.9 Account Expiry Policies
15.10 User Account Security Best Practices
Lesson 16: Securing Windows Applications
16.1 Application Security Overview
16.2 Application Whitelisting
16.3 AppLocker Implementation
16.4 Software Restriction Policies
16.5 Securing Legacy Applications
16.6 Auditing Application Activity
16.7 Managing Application Updates
16.8 Application Sandboxing
16.9 Preventing Application Exploits
16.10 Best Practices for Application Security
Lesson 17: Windows Update Security
17.1 Windows Update Overview
17.2 Update Channels
17.3 Security Updates vs Feature Updates
17.4 Automatic Updates Configuration
17.5 Managing Update Rollouts
17.6 Update Verification
17.7 Update Failure Troubleshooting
17.8 Update Logging
17.9 WSUS Security
17.10 Best Practices for Update Management
Lesson 18: Network Access Protection (NAP)
18.1 NAP Overview
18.2 NAP Components
18.3 NAP Enforcement Methods
18.4 Configuring NAP Policies
18.5 Health Validators
18.6 Remediation Servers
18.7 NAP Reporting
18.8 Integrating NAP with DHCP
18.9 Troubleshooting NAP
18.10 NAP Best Practices
Lesson 19: Securing Windows File Systems
19.1 File System Types
19.2 NTFS Permissions
19.3 EFS (Encrypting File System)
19.4 Auditing File Access
19.5 Managing Shares
19.6 Securing Network Shares
19.7 File System Quotas
19.8 Preventing Data Leakage
19.9 Removable Media Security
19.10 File System Security Best Practices
Lesson 20: Windows PKI and Certificate Management
20.1 Introduction to PKI
20.2 Certificate Authorities
20.3 Certificate Enrollment
20.4 Certificate Templates
20.5 Managing Certificates
20.6 Certificate Revocation
20.7 Auto-enrollment
20.8 Certificate Store Locations
20.9 Troubleshooting Certificates
20.10 Best Practices for PKI
Lesson 21: Windows Security Auditing
21.1 Auditing Overview
21.2 Audit Policy Configuration
21.3 Object Access Auditing
21.4 Logon/Logoff Auditing
21.5 Policy Change Auditing
21.6 Privilege Use Auditing
21.7 Process Tracking
21.8 Directory Service Auditing
21.9 Audit Log Management
21.10 Auditing Best Practices
Lesson 22: Securing Windows PowerShell
22.1 PowerShell Security Features
22.2 Execution Policies
22.3 Script Signing
22.4 Constrained Language Mode
22.5 Just Enough Administration
22.6 PowerShell Remoting Security
22.7 Auditing PowerShell Usage
22.8 PowerShell Logging
22.9 PowerShell Threats
22.10 Securing PowerShell Scripts
Lesson 23: Windows Security Tools and Utilities
23.1 Security Configuration Wizard
23.2 Windows Security Center
23.3 Sysinternals Tools
23.4 Microsoft Baseline Security Analyzer
23.5 Local Security Policy Tool
23.6 Event Viewer
23.7 Resource Monitor
23.8 Task Manager Security Features
23.9 Windows Admin Center
23.10 Using Security Tools in Practice
Lesson 24: Windows Security Policy Management
24.1 Security Policy Overview
24.2 Local Security Policy vs Group Policy
24.3 Account Policies
24.4 Audit Policies
24.5 User Rights Assignment
24.6 Security Options
24.7 Importing/Exporting Policies
24.8 Policy Conflict Resolution
24.9 Monitoring Policy Changes
24.10 Policy Management Best Practices
Lesson 25: Windows Security Baseline Implementation
25.1 Baseline Concept
25.2 Microsoft Security Baselines
25.3 Baseline Customization
25.4 Deploying Baselines
25.5 Baseline Assessment Tools
25.6 Baseline Compliance Checks
25.7 Remediation Strategies
25.8 Reporting on Baselines
25.9 Updating Baselines
25.10 Continuous Improvement
Lesson 26: Securing Domain Controllers
26.1 Domain Controller Roles
26.2 Physical Security
26.3 DC Hardening Steps
26.4 Securing AD Replication
26.5 Restricting DC Access
26.6 Monitoring DCs
26.7 Backing up Domain Controllers
26.8 Protecting DC Credentials
26.9 DC Patch Management
26.10 Incident Response for DCs
Lesson 27: Incident Response on Windows Systems
27.1 Incident Response Overview
27.2 Identifying Security Events
27.3 Collecting Forensic Evidence
27.4 Analyzing Security Logs
27.5 Isolating Affected Systems
27.6 Remediation Procedures
27.7 Reporting Incidents
27.8 Post-Incident Review
27.9 Communication Plans
27.10 Improving Response Capabilities
Lesson 28: Windows Security Compliance
28.1 Compliance Standards (PCI, HIPAA, etc.)
28.2 Windows Compliance Tools
28.3 Compliance Auditing
28.4 Automating Compliance Checks
28.5 Reporting Compliance
28.6 Remediation for Non-Compliance
28.7 Documentation Requirements
28.8 Compliance Policy Development
28.9 Continuous Compliance
28.10 Compliance Best Practices
Lesson 29: Windows Security Automation
29.1 Automation Tools Overview
29.2 PowerShell Automation
29.3 Task Scheduler Security
29.4 Automating Patch Deployment
29.5 Automated Auditing
29.6 Automated Backup and Recovery
29.7 Security Automation Best Practices
29.8 Scripting Common Security Tasks
29.9 Automation for Compliance
29.10 Monitoring Automated Processes
Lesson 30: Windows Security in Virtual Environments
30.1 Virtualization Security Overview
30.2 Hyper-V Security Features
30.3 Securing Virtual Machines
30.4 Isolation Techniques
30.5 Virtual Networking Security
30.6 Managing VM Snapshots
30.7 Securing VM Storage
30.8 VM Patch Management
30.9 Monitoring Virtual Environments
30.10 Incident Response in Virtualization
Lesson 31: Windows Security for Cloud Integration
31.1 Cloud Security Overview
31.2 Hybrid Identity
31.3 Azure AD Integration
31.4 Securing Cloud Resources
31.5 Cloud-based Authentication
31.6 Managing Cloud Permissions
31.7 Cloud Logging and Auditing
31.8 Data Protection in the Cloud
31.9 Cloud Compliance
31.10 Best Practices for Cloud Security
Lesson 32: Windows Security Threats and Vulnerabilities
32.1 Common Threats to Windows
32.2 Vulnerability Assessment Tools
32.3 Zero-Day Vulnerabilities
32.4 Privilege Escalation
32.5 Lateral Movement
32.6 Pass-the-Hash Attacks
32.7 Ransomware Threats
32.8 Social Engineering
32.9 Insider Threats
32.10 Mitigation Strategies
Lesson 33: Windows Security Updates and Hotfixes
33.1 Hotfixes vs Updates
33.2 Cumulative Updates
33.3 Servicing Channels
33.4 Update Catalog
33.5 Hotfix Installation
33.6 Update Rollback
33.7 Verifying Update Status
33.8 Update Troubleshooting
33.9 Security Advisory Monitoring
33.10 Update Documentation
Lesson 34: Securing Windows DNS Services
34.1 DNS Security Basics
34.2 Secure Dynamic Updates
34.3 DNSSEC
34.4 DNS Logging and Auditing
34.5 DNS Cache Poisoning Prevention
34.6 Role-based Access for DNS
34.7 Monitoring DNS Traffic
34.8 DNS Service Hardening
34.9 DNS Response Policy Zones
34.10 DNS Security Best Practices
Lesson 35: Windows Security for Mobile Devices
35.1 Mobile Device Management Overview
35.2 Windows Defender for Endpoint
35.3 Mobile Application Security
35.4 Device Encryption
35.5 Secure Access Controls
35.6 Network Security for Mobile
35.7 Mobile Patch Management
35.8 Monitoring Mobile Devices
35.9 Data Loss Prevention
35.10 Mobile Security Policies
Lesson 36: Windows Security and Data Loss Prevention
36.1 DLP Concepts
36.2 DLP Tools for Windows
36.3 File Classification Infrastructure
36.4 Protecting Sensitive Data
36.5 DLP Policies and Enforcement
36.6 Monitoring Data Movement
36.7 Preventing Data Exfiltration
36.8 DLP Incident Response
36.9 DLP Reporting
36.10 Best Practices for DLP
Lesson 37: Securing Windows Web Servers (IIS)
37.1 IIS Security Overview
37.2 Hardening IIS
37.3 Managing IIS Permissions
37.4 SSL/TLS for IIS
37.5 Application Pool Security
37.6 Web Application Firewall
37.7 Logging and Monitoring
37.8 IIS Authentication Methods
37.9 Patch Management for IIS
37.10 Incident Response for IIS
Lesson 38: Securing Windows Print Services
38.1 Print Services Overview
38.2 Print Server Hardening
38.3 Printer Permissions
38.4 Print Spooler Security
38.5 Auditing Print Jobs
38.6 Printer Driver Security
38.7 Network Print Security
38.8 Print Service Monitoring
38.9 Patch Management for Print Services
38.10 Print Service Incident Response
Lesson 39: Securing Windows Remote Access Services
39.1 Remote Access Overview
39.2 VPN Configuration
39.3 RADIUS Integration
39.4 Secure Authentication for Remote Access
39.5 Remote Access Policies
39.6 Auditing Remote Access
39.7 Securing RAS Servers
39.8 Remote Access Logging
39.9 Patch Management for Remote Access
39.10 Best Practices for Remote Access
Lesson 40: Windows Security for Endpoints
40.1 Endpoint Security Overview
40.2 Endpoint Protection Tools
40.3 Device Control
40.4 Application Control
40.5 Endpoint Patch Management
40.6 Monitoring Endpoint Activity
40.7 Incident Response for Endpoints
40.8 User Awareness Training
40.9 Endpoint Encryption
40.10 Endpoint Security Best Practices
Lesson 41: Advanced Auditing and Forensics
41.1 Advanced Audit Policy Configuration
41.2 Collecting Forensic Data
41.3 Timeline Analysis
41.4 File and Process Analysis
41.5 Registry Forensics
41.6 Memory Forensics
41.7 Network Forensics
41.8 Reporting Forensic Findings
41.9 Legal Considerations
41.10 Tools for Windows Forensics
Lesson 42: Windows Security for Servers
42.1 Server Hardening
42.2 Securing Server Roles
42.3 Server Patch Management
42.4 Server Monitoring
42.5 Server Authentication and Authorization
42.6 Remote Administration Security
42.7 Backup and Recovery
42.8 Server Incident Response
42.9 Compliance for Servers
42.10 Server Security Best Practices
Lesson 43: Securing Windows Workstations
43.1 Workstation Security Overview
43.2 Hardening Workstation Configurations
43.3 Enforcing Security Policies
43.4 Application Security on Workstations
43.5 Patch Management for Workstations
43.6 Monitoring Workstation Activity
43.7 User Training and Awareness
43.8 Remote Workstation Security
43.9 Incident Response for Workstations
43.10 Workstation Security Best Practices
Lesson 44: Windows Security for BYOD (Bring Your Own Device)
44.1 BYOD Challenges
44.2 Endpoint Security for BYOD
44.3 Device Registration
44.4 Mobile Application Management
44.5 Data Protection Strategies
44.6 Network Access Control
44.7 Monitoring BYOD Activity
44.8 Policy Enforcement
44.9 Incident Response for BYOD
44.10 BYOD Security Best Practices
Lesson 45: Windows Security in DevOps Environments
45.1 DevOps Security Concepts
45.2 Securing Build Pipelines
45.3 Managing Secrets
45.4 Code Signing
45.5 Automated Testing for Security
45.6 Monitoring DevOps Activities
45.7 Patch Management in DevOps
45.8 Secure Deployment Practices
45.9 Compliance in DevOps
45.10 DevOps Security Best Practices
Lesson 46: Windows Security for IoT Devices
46.1 IoT Security Challenges
46.2 Device Discovery
46.3 Secure Device Configuration
46.4 Network Segmentation
46.5 Firmware Updates
46.6 Monitoring IoT Devices
46.7 Data Protection for IoT
46.8 Incident Response for IoT
46.9 Compliance for IoT
46.10 IoT Security Best Practices
Lesson 47: Windows Security Logging and SIEM Integration
47.1 Logging Standards
47.2 Log Management Tools
47.3 SIEM Overview
47.4 SIEM Integration with Windows
47.5 Log Forwarding
47.6 Correlating Security Events
47.7 Incident Detection with SIEM
47.8 SIEM Reporting
47.9 Tuning SIEM Rules
47.10 SIEM Best Practices
Lesson 48: Windows Security for Email Services
48.1 Email Security Overview
48.2 Securing Exchange Server
48.3 Email Authentication Methods
48.4 Spam and Malware Filtering
48.5 Email Encryption
48.6 Auditing Email Activity
48.7 Patch Management for Email Servers
48.8 Incident Response for Email
48.9 User Training for Email Security
48.10 Email Security Best Practices
Lesson 49: Windows Security for Database Servers
49.1 Database Server Security Overview
49.2 SQL Server Authentication
49.3 Securing Database Connections
49.4 Data Encryption at Rest
49.5 Database Auditing
49.6 Managing Database Permissions
49.7 Patch Management for Databases
49.8 Backup and Recovery Security
49.9 Monitoring Database Activity
49.10 Incident Response for Databases
Lesson 50: Windows Security Best Practices and Review
50.1 Reviewing Key Security Concepts
50.2 Building a Security Framework
50.3 Continuous Improvement
50.4 Security Awareness Training
50.5 Policy and Procedure Development
50.6 Incident Response Planning
50.7 Monitoring and Auditing
50.8 Regular Security Assessments
50.9 Staying Up-to-date
50.10 Preparing for the GCWN Exam